Use setifempty to please incompatible httpd versions

Some httpd versions have problem with the old logic leading to resourced served with multiple headers.
author: Lukas Reschke <lukas@owncloud.com> 2015-12-15 16:37:10 +0100
committer: Morris Jobke <hey@morrisjobke.de> 2016-01-08 11:08:37 +0100
commit: 1ae30d1d9c849b3e1ef3e75a78bd3aab49f48afd (patch)
tree: 7564e13566591f7772bfc365405ad41a15605c6a /.htaccess
parent: a0345b94650f9ded7b86d53b27624557868747e4 (diff)
download: nextcloud-server-1ae30d1d9c849b3e1ef3e75a78bd3aab49f48afd.tar.gz
nextcloud-server-1ae30d1d9c849b3e1ef3e75a78bd3aab49f48afd.zip
1 files changed, 6 insertions, 3 deletions
diff --git a/.htaccess b/.htaccess
index bb030c6acca..db1fa997555 100644
--- a/.htaccess
+++ b/.htaccess
@@ -14,9 +14,12 @@
     Header set X-Frame-Options "SAMEORIGIN"
     SetEnv modHeadersAvailable true
 
-    # Add CSP header if not set, used for static resources
-    Header append Content-Security-Policy ""
-    Header edit Content-Security-Policy "^$" "default-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self'"
+    <IfModule mod_version.c>
+        <IfVersion >= 2.4.7>
+            # Add CSP header if not set, used for static resources
+            Header setifempty Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self'"
+        </IfVersion>
+    </IfModule>
   </IfModule>
 
   # Add cache control for CSS and JS files
author	Lukas Reschke <lukas@owncloud.com>	2015-12-15 16:37:10 +0100
committer	Morris Jobke <hey@morrisjobke.de>	2016-01-08 11:08:37 +0100
commit	1ae30d1d9c849b3e1ef3e75a78bd3aab49f48afd (patch)
tree	7564e13566591f7772bfc365405ad41a15605c6a /.htaccess
parent	a0345b94650f9ded7b86d53b27624557868747e4 (diff)
download	nextcloud-server-1ae30d1d9c849b3e1ef3e75a78bd3aab49f48afd.tar.gz nextcloud-server-1ae30d1d9c849b3e1ef3e75a78bd3aab49f48afd.zip